Abstract. In this paper we consider first-order logic theorem proving and model building via approximation and instantiation. Given a clause set we propose its approximation into a simplified clause set where satisfiability is decidable. The approximation extends the signature and preserves unsatisfiability: if the simplified clause set is satisfiable in some model, so is the original clause set in the same model interpreted in the original signature. A refutation generated by a decision procedure on the simplified clause set can then either be lifted to a refutation in the original clause set, or it guides a refinement excluding the previously found unliftable refutation. This way the approach is refutationally complete.

We do not step-wise lift refutations but conflicting cores, finite unsatisfiable clause sets representing at least one refutation. The approach is dual to many existing approaches in the literature because our approximation preserves unsatisfiability.

1 Introduction 

The Inst-Gen calculus by Ganzinger and Korovin [5] and its implementation in iProver has been shown to be very successful. The calculus is based on an under-approximation - instantiation refinement loop. A given first-order clause set is under-approximated by finite grounding and afterwards a SAT-solver is used to test unsatisfiability. If the ground clause set is unsatisfiable then a refutation for the original clause set is found. If it is satisfiable, the model generated by the SAT-solver is typically not a model for the original clause set. If it is not, it is used to instantiate the original clause such that the found model is ruled out for the future.

In this paper we define a calculus that is dual to the Inst-Gen calculus. A given first-order clause set is over-approximated into a decidable fragment of first-order logic: a monadic, shallow, linear Horn (mslH) theory [12]. If the over-approximated clause set is satisfiable, so is the original clause set. If it is unsatisfiable, the found refutation is typically not a refutation for the original clause set. If it is not, the refutation is analyzed to instantiate the original clause set such that the found refutation is ruled out for the future. The mslH fragment properly includes first-order ground logic, but is also expressive enough to represent minimal infinite models.


In addition to developing a new proof method for first-order logic this constitutes our second motivation for studying the new calculus and the particular mslH approximation. It is meanwhile accepted that a model-based guidance can significantly improve an automated reasoning calculus. The propositional CDCL calculus [8] is one prominent example for this insight. In first-order logic, (partial) model operators typically generate inductive models for which almost all interesting properties become undecidable, in general. One way out of this problem is to generate a model for an approximated clause set, such that important properties with respect to the original clause set are preserved. In the case of our calculus and approximation, a found model can be effectively translated into a model for the original clause set. So our result is also a first step towards model-based guidance in first-order logic automated reasoning.


For example, consider the first-order Horn clauses $S(x) \to P(x, g(x))$; $S(a)$; $S(b)$; $S(g(x))$; $\neg P(a, g(b))$; $\neg P(g(x), g(g(x)))$ that are approximated (Section 2) into the mslH theory $S(x), R(y) \to T(f_P(x, y))$; $S(x) \to R(g(x))$; $S(a)$; $S(b)$; $S(g(x))$; $\neg T(f_P(a, g(b)))$; $\neg T(f_P(g(x), g(g(x))))$ where the relation $P$ is encoded by the function $f_P$ and the non-linear occurrence of $x$ in the first clause is approximated by the introduction of the additional variable $y$. The approximated clause set has two refutations: one using $\neg T(f_P(a, g(b)))$ and the second using $\neg T(f_P(g(x), g(g(x))))$ plus the rest of the clauses, respectively. While the first refutation cannot be lifted, the second one is liftable to a refutation of the original clause set (Section 3). Actually, we do not consider refutations, but conflicting cores (Definition 1). Conflicting cores are finite, unsatisfiable clause sets where variables are considered to be shared among clauses and rigid such that any instantiation preserves unsatisfiability. Conflicting cores can be effectively generated out of refutations via instantiation of (copies of) the input clauses involved in the refutation. For the above second refutation the conflicting core of the approximated clause set is $S(g(x)), R(g(g(x))) \to T(f_P(g(x), g(g(x))))$; $S(g(x)) \to R(g(g(x)))$; $S(g(x))$; $\neg T(f_P(g(x), g(g(x))))$.

In case the first refutation is selected for lifting, it fails, so the original clause set is refined (Section 4). The refinement replaces the first clause with $S(a) \to P(a, g(a))$; $S(b) \to P(b, g(b))$ and $S(g(x)) \to P(g(x), g(g(x)))$.

The approximation of the resulting new clause set no longer enables a refutation using $\neg T(f_P(a, g(b)))$. Therefore, the refutation using $\neg T(f_P(g(x), g(g(x))))$ is found after refinement. In case the original clause set contains a non-Horn clause, one positive literal is selected by the approximation.


The paper is now organized as follows. Section 2 introduces some basic notions and the approximation relation $\Rightarrow_{APR}$ that transforms any first-order clause set into an mslH theory. The lifting of conflicting cores is described in Section 3 and the respective abstraction refinement in Section 4 including soundness and completeness results. Missing proofs can be found in the appendix. The paper ends with Section 5 on future/related work and a conclusion.

2 Linear Shallow Monadic Horn Approximation

We consider a standard first-order language without equality where $\Sigma$ denotes the set of function symbols. The symbols $x, y$ denote variables, $a, b$ constants, $f, g, h$ are functions and $s, t$ terms. Predicates are denoted by $S, P, Q, R$, literals by $E$, clauses by $C, D$, and sets of clauses by $N, M$. The term $t[s]_p$ denotes that the term $t$ has the subterm $s$ at position $p$. The notion is extended to atoms, clauses, and multiple positions. A predicate with at most one argument is called monadic. A literal is either an atom or an atom preceded by $\neg$ and it is then respectively called positive or negative. A term is shallow if it has at most depth one. It is called linear if there are no duplicate variable occurrences. A literal, where every term is shallow, is also called shallow. A clause is a multiset of literals which we write as an implication $\Gamma \to \Delta$ where the atoms in $\Delta$ denote the positive literals and the atoms in $\Gamma$ the negative literals. If $\Gamma$ is empty we omit $\to$, e.g., we write $P(x)$ instead of $\to P(x)$ whereas if $\Delta$ is empty $\to$ is always shown. If a clause has at most one positive literal, it is a Horn clause. If there are no variables, then terms, atoms and clauses are respectively called ground. A substitution $\sigma$ is a mapping from variables into terms denoted by pairs $\{x \mapsto t\}$. If for some term (literal, clause) $t$, $t\sigma$ is ground, then $\sigma$ is a grounding substitution.

A Herbrand interpretation $I$ is a - possibly infinite - set of positive ground literals and $I$ is said to satisfy a clause $C = \Gamma \to \Delta$, denoted by $I \models C$, if $\Delta\sigma \cap I \neq \emptyset$ or $\Gamma\sigma \not\subseteq I$ for every grounding substitution $\sigma$. An interpretation $I$ is called a model of $N$ if $I$ satisfies $N$, $I \models N$, i.e., $I \models C$ for every $C \in N$. Models are considered minimal with respect to set inclusion. A set of clauses $N$ is satisfiable, if there exists a model that satisfies $N$. Otherwise the set is unsatisfiable.

Definition 1 (Conflicting Core) A finite clause set $N^\bot$ is a conflicting core if for all grounding substitutions $\tau$ the clause set $N^\bot\tau$ is unsatisfiable. $N^\bot$ is a conflicting core of $N$ if $N^\bot$ is a conflicting core and for every clause $C \in N^\bot$ there exists a $C' \in N$ such that $C = C'\sigma$.

Definition 2 (Specific Instances) Let $C$ be a clause and $\sigma_1, \sigma_2$ be two substitutions such that $C\sigma_1$ and $C\sigma_2$ have no common instances. Then the specific instances of $C$ with respect to $\sigma_1, \sigma_2$ are clauses $C\tau_1, \ldots, C\tau_n$ such that (i) any ground instance of $C$ is an instance of some $C\tau_i$, (ii) there is no $C\tau_i$ such that both $C\sigma_1$ and $C\sigma_2$ are instances of $C\tau_i$.

The definition of specific instances can be extended to a single substitution $\sigma$. In this case we require $C$ and $\sigma$ to be linear, condition (i) from Definition 2 above, $C\sigma = C\tau_1$ and no $C\tau_i$, $i \neq 1$ has a common instance with $C\tau_1$. Note that under the above restrictions specific instances always exist [6].

Definition 3 (Approximation) Given a clause set $N$ and a relation $\Rightarrow$ on clause sets with $N \Rightarrow N'$ then (1) $\Rightarrow$ is called an over-approximation if satisfiability of $N'$ implies satisfiability of $N$, (2) $\Rightarrow$ is called an under-approximation if unsatisfiability of $N'$ implies unsatisfiability of $N$.

Next we introduce our concrete over-approximation $\Rightarrow_{APR}$ that eventually maps a clause set $N$ to an mslH clause set $N'$. Starting from a clause set $N$ the transformation is parameterized by a single monadic projection predicate $T$, fresh to $N$ and for each non-monadic predicate $P$ a projection function $f_P$ fresh to $N$. The approximation always applies to a single clause and we establish on the fly an ancestor relation between the approximated clause(s) and the parent clause. The ancestor relation is needed for lifting and refinement.

Monadic $N \cup \{\Gamma \to \Delta, P(t_1,\ldots,t_n)\} \Rightarrow_{MO} N \cup \{\Gamma \to \Delta, T(f_P(t_1,\ldots,t_n))\}$
provided $n > 1$; $P(t_1,\ldots,t_n)$ is the ancestor of $T(f_P(t_1,\ldots,t_n))$

Horn $N \cup \{\Gamma \to E_1,\ldots,E_n\} \Rightarrow_{HO} N \cup \{\Gamma \to E_i\}$
provided $n > 1$; $\Gamma \to E_1,\ldots,E_n$ is the ancestor of $\Gamma \to E_i$

Shallow $N \cup \{\Gamma \to E[s]_p\} \Rightarrow_{SH} N \cup \{S(x), \Gamma_1 \to E[x]_p\} \cup \{\Gamma_2 \to S(s)\}$
provided $s$ is a complex term, $p$ not a top position, $x$ and $S$ fresh, and $\Gamma_1 \cup \Gamma_2 = \Gamma$; $\Gamma \to E[s]_p$ is the ancestor of $S(x), \Gamma_1 \to E[x]_p$ and $\Gamma_2 \to S(s)$

Linear $N \cup \{\Gamma \to E[x]_{p,q}\} \Rightarrow_{LI} N \cup \{\Gamma\{x \mapsto x'\}, \Gamma \to E[x']_q\}$
provided $x'$ is fresh, the positions $p, q$ denote two different occurrences of $x$ in $E$; $\Gamma \to E[x]_{p,q}$ is the ancestor of $\Gamma\{x \mapsto x'\}, \Gamma \to E[x']_q$

For the Horn transformation, the choice of the $E_i$ is arbitrary. In the Shallow rule, $\Gamma_1$ and $\Gamma_2$ can be arbitrarily chosen as long as they "add up" to $\Gamma$. The goal, however, is to minimize the set of common variables $vars(\Gamma_2, s) \cap vars(\Gamma_1, E[x]_p)$. If this set is empty the Shallow transformation is satisfiability preserving. In rule Linear, the duplication of $\Gamma$ is not needed if $x \notin vars(\Gamma)$.

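Definition 4 ($\Rightarrow_{APR}$) The overall approximation $\Rightarrow_{APR}$ is given by $\Rightarrow_{APR} = \Rightarrow_{MO} \cup \Rightarrow_{HO} \cup \Rightarrow_{SH} \cup \Rightarrow_{LI}$ with a preference on the different rules where Monadic precede Horn precede Shallow precede Linear transformations.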
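
The four rules and their preference order, applied to the Horn clause set from the introduction, as an added Python example (not code from the paper or its authors). The tuple encoding of terms, the function names, the generated names `S1` and `v1`, keeping the first positive literal in the Horn rule, and the way the body is split into the two parts of the Shallow rule are assumptions of this example; the ancestor relation is not tracked.

```python
from itertools import count

# A variable is a str; a function application is a tuple (symbol, arg, ...), so the
# constant a is ("a",). An atom is (predicate, arg, ...). A clause is the pair
# (negative_atoms, positive_atoms), read as the implication neg -> pos.

def is_var(t):
    return isinstance(t, str)

def variables(t):
    """Variable occurrences of a term or atom, left to right, with repeats."""
    if is_var(t):
        return [t]
    return [v for arg in t[1:] for v in variables(arg)]

def subst(t, sigma):
    if is_var(t):
        return sigma.get(t, t)
    return (t[0],) + tuple(subst(a, sigma) for a in t[1:])

def monadic(atom):
    """Monadic rule: P(t1,...,tn) with n > 1 becomes T(f_P(t1,...,tn))."""
    return ("T", ("f" + atom[0],) + atom[1:]) if len(atom) > 2 else atom

def shallow_step(neg, head, fresh):
    """Shallow rule: S(x),G1 -> E[x]_p and G2 -> S(s), or None if E is shallow."""
    if len(head) < 2 or is_var(head[1]):
        return None
    pred, term = head
    for i, s in enumerate(term[1:], start=1):
        if is_var(s) or len(s) == 1:      # variables and constants: depth stays <= 1
            continue
        n = next(fresh)
        x, S = f"v{n}", f"S{n}"           # fresh variable and fresh predicate
        new_head = (pred, term[:i] + (x,) + term[i + 1:])
        # Split the body so G1 and G2 add up to it while sharing few variables.
        g2 = [a for a in neg if set(variables(a)) & set(variables(s))]
        g1 = [a for a in neg
              if a not in g2 or set(variables(a)) & set(variables(new_head))]
        return ([(S, x)] + g1, [new_head]), (g2, [(S, s)])
    return None

def linear_step(neg, head, fresh):
    """Linear rule: rename the second occurrence of a repeated x to a fresh x'."""
    occ = variables(head)
    dup = next((v for i, v in enumerate(occ) if v in occ[:i]), None)
    if dup is None:
        return None
    x2, seen = f"v{next(fresh)}", [0]
    def rename(t):
        if is_var(t):
            seen[0] += t == dup
            return x2 if t == dup and seen[0] == 2 else t
        return (t[0],) + tuple(rename(a) for a in t[1:])
    copy = [subst(a, {dup: x2}) for a in neg if dup in variables(a)]  # G{x -> x'}
    return (neg + copy, [rename(head)])

def approximate(clauses):
    """Monadic and Horn on every clause, then Shallow before Linear until done."""
    fresh = count(1)
    todo = [([monadic(a) for a in neg], [monadic(a) for a in pos][:1])
            for neg, pos in clauses]      # Horn: keep the first positive literal
    done = []
    while todo:
        neg, pos = todo.pop(0)
        step = shallow_step(neg, pos[0], fresh) if pos else None
        if step is None and pos:
            lin = linear_step(neg, pos[0], fresh)
            step = (lin,) if lin else None
        if step:
            todo[:0] = step
        else:
            done.append((neg, pos))
    return done

def is_mslh(clause):
    """Monadic atoms, at most one positive literal, and a shallow, linear head."""
    neg, pos = clause
    if len(pos) > 1 or any(len(a) > 2 for a in neg + pos):
        return False
    if not pos or len(pos[0]) < 2 or is_var(pos[0][1]):
        return True
    occ = variables(pos[0])
    shallow = all(is_var(s) or len(s) == 1 for s in pos[0][1][1:])
    return shallow and len(occ) == len(set(occ))

a, b = ("a",), ("b",)
g = lambda t: ("g", t)
# The Horn clause set from the introduction, typed in by hand for this example.
INTRO = [
    ([("S", "x")], [("P", "x", g("x"))]), ([], [("S", a)]), ([], [("S", b)]),
    ([], [("S", g("x"))]), ([("P", a, g(b))], []),
    ([("P", g("x"), g(g("x")))], []),
]

if __name__ == "__main__":
    for neg, pos in approximate(INTRO):
        print(neg, "->", pos)
```

In the result, `S1` and `v1` play the roles of R and y in the mslH theory given in the introduction.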


Definition 5 Given a non-monadic n-ary predicate $P$, projection predicate $T$, and projection function $f_P$, define the injective function $\mu_P(P(t_1,\ldots,t_n)) := T(f_P(t_1,\ldots,t_n))$ and $\mu_P(Q(s_1,\ldots,s_m)) := Q(s_1,\ldots,s_m)$ for any atom with a predicate symbol different from $P$. The function is extended to clauses, clause sets and interpretations.

Lemma 1 ($\Rightarrow_{APR}$ is sound and terminating) The approximation rules are sound and terminating: (i) $\Rightarrow_{APR}$ terminates (ii) the Monadic transformation is an over-approximation (iii) the Horn transformation is an over-approximation (iv) the Shallow transformation is an over-approximation (v) the Linear transformation is an over-approximation

Proof. (i) The transformations can be considered sequentially, because of the imposed rule preference (Definition 4). The monadic transformation strictly reduces the number of non-monadic atoms. The Horn transformation strictly reduces the number of non-Horn clauses. The Shallow transformation strictly reduces the multiset of term depths of the newly introduced clauses compared to the removed ancestor clause. The linear transformation strictly reduces the number of duplicate variable occurrences in positive literals. Hence $\Rightarrow_{APR}$ terminates.

(ii) Consider a transformation $N_k \Rightarrow^*_{MO} N_{k+j}$ that exactly removes all occurrences of atoms $P(t_1,\ldots,t_n)$ and replaces those by atoms $T(f_P(t_1,\ldots,t_n))$. Then, $N_{k+j} = \mu_P(N_k)$ and $N_k =$ Let $I$ be a model of $N_{k+j}$ and $C \in N_k$. Since $\mu_P(C) \in N_{k+j}$, $I \models \mu_P(C)$ and thus, $\models C$. Hence, is a model of $N_k$. Therefore, the Monadic transformation is an over-approximation.

(iii) Let $N \cup \{\Gamma \to E_1,\ldots,E_n\} \Rightarrow_{HO} N \cup \{\Gamma \to E_i\}$. The clause $\Gamma \to E_i$ subsumes the clause $\Gamma \to E_1,\ldots,E_n$. Therefore, for any $I$ if $I \models \Gamma \to E_i$ then $I \models \Gamma \to E_1,\ldots,E_n$. Therefore, the Horn transformation is an over-approximation.

(iv) Let $N_k = N \cup \{\Gamma \to E[s]_p\} \Rightarrow_{SH} N_{k+1} = N \cup \{S(x), \Gamma_1 \to E[x]_p\} \cup \{\Gamma_2 \to S(s)\}$. Let $I$ be a model of $N_{k+1}$ and $C \in N_k$ be a ground clause. If $C$ is an instance of a clause in $N$, then $I \models C$. Otherwise $C = (\Gamma \to E[s]_p)\sigma$ for some ground substitution $\sigma$. Then $S(s)\sigma, \Gamma_1\sigma \to E[s]_p\sigma = (S(x), \Gamma_1 \to E[x]_p)\{x \mapsto s\}\sigma \in N_{k+1}$ and $\Gamma_2\sigma \to S(s)\sigma = (\Gamma_2 \to S(s))\sigma \in N_{k+1}$. Since $I \models N_{k+1}$, $I$ also satisfies the resolvent $\Gamma_1\sigma, \Gamma_2\sigma \to E[s]_p\sigma = C$. Hence $I \models N_k$. Therefore, the Shallow transformation is an over-approximation.

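(v) Let $N_k = N \cup \{\Gamma \to E[x]_{p,q}\} \Rightarrow_{LI} N_{k+1} = N \cup \{\Gamma\{x \mapsto x'\}, \Gamma \to E[x']_q\}$. Let $I$ be a model of $N_{k+1}$ and $C \in N_k$ be a ground clause. If $C$ is an instance of a clause in $N$, then $I \models C$. Otherwise $C = (\Gamma \to E[x]_{p,q})\sigma$ for some ground substitution $\sigma$. Then $(\Gamma\{x \mapsto x'\}, \Gamma \to E[x']_q)\{x' \mapsto x\}\sigma \in N_{k+1}$ and $I \models (\Gamma\{x \mapsto x'\}, \Gamma \to E[x']_q)\{x' \mapsto x\}\sigma = (\Gamma, \Gamma \to E[x]_{p,q})\sigma \models C$. Hence $I \models N_k$. Therefore, the Linear transformation is an over-approximation.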

Corollary 2 (i) $\Rightarrow_{APR}$ is an over-approximation, (ii) If $N \Rightarrow^*_{APR} N'$, $P_1, \ldots, P_n$ are the non-monadic predicates in $N$ and $N'$ is satisfied by model $I$, then is a model of $N$.

Proof. Follows from Lemma 1 (ii)-(v).

In addition to being an over-approximation, the minimal model (with respect to set inclusion) of the eventual approximation generated by $\Rightarrow_{APR}$ preserves the skeleton term structure of the original clause set, if it exists. The refinement introduced in Section 4 instantiates clauses. Thus it contributes to finding a model or a refutation.

Definition 6 (Term Skeleton) The term skeleton of term $t$, $skt(t)$, is defined as

(1) $skt(x) = x'$, where $x'$ is a fresh variable

(2) $skt(f(s_1,\ldots,s_n)) = f(skt(s_1),\ldots,skt(s_n))$.

Lemma 3 Let $N_k$ be a monadic clause set and $N_0$ be its approximation via $\Rightarrow_{APR}$. Let $N_0$ be satisfiable and $I$ be a minimal model for $N_0$. If $P(s) \in I$ and $P$ is a predicate in $N_k$, then there exists a clause $C = \Gamma \to \Delta, P(t) \in N_k$ and a substitution $\sigma$ such that $s = skt(t)\sigma$ and for each variable $x$ and predicate $S$ with $C = S(x), \Gamma' \to \Delta, P(t[x]_p)$, $S(s'') \in I$, where $s = s[s'']_p$.

Proof. By induction on k. 

For the base $N_k = N_0$, assume there is no $C \in N_0$ with $C\sigma = \Gamma \to \Delta, P(s)$ and $\Gamma \subseteq I$. Then $I \setminus \{P(s)\}$ is still a model of $N_0$ and therefore $I$ is not minimal.

Let $N = N_k \Rightarrow_{APR} N_{k-1} \Rightarrow^*_{APR} N_0$, $P(s) \in I$ and $P$ is a predicate in $N_k$ and hence also in $N_{k-1}$. By the induction hypothesis, there exist a clause $C = \Gamma \to \Delta, P(t) \in N_{k-1}$ and a substitution $\sigma$ such that $s = skt(t)\sigma$ and for each variable $x$ and predicate $S$ with $C = S(x), \Gamma' \to \Delta, P(t[x]_p)$, $S(s'') \in I$, where $s = s[s'']_p$.

The first approximation rule application is either a Linear, a Shallow or a Horn 
transformation, considered below by case analysis. 

Horn Case. Let $\Rightarrow_{APR}$ be a Horn transformation that replaces $\Gamma'' \to \Delta', Q(t')$ with $\Gamma'' \to Q(t')$. If $C \neq \Gamma'' \to Q(t')$, then $C \in N_k$ fulfills the claim. Otherwise, $\Gamma'' \to \Delta', Q(t) \in N_k$ fulfills the claim since $P = Q$ and $\Gamma' = \Gamma''$.

Linear Case. Let $\Rightarrow_{APR}$ be a linear transformation that replaces $C_k = \Gamma'' \to E[x]_{p,q}$ with $C_{k-1} = \Gamma'', \Gamma''\{x \mapsto x'\} \to E[x']_q$. If $C \neq C_{k-1}$, then $C \in N_k$ fulfills the claim. Otherwise, $C_k = \Gamma'' \to P(t)\{x' \mapsto x\} \in N_k$ fulfills the claim since $s = skt(t)\sigma = skt(t\{x' \mapsto x\})\sigma$ and $\Gamma'' \subseteq \Gamma'', \Gamma''\{x \mapsto x'\}$.

Shallow Case. Let $\Rightarrow_{APR}$ be a shallow transformation that replaces $C_k = \Gamma'' \to E[s']_p$ with $C_{k-1} = S(x), \Gamma_1 \to E[x]_p$ and $C'_{k-1} = \Gamma_2 \to S(s')$. Since $S$ is fresh, $C \neq$ If $C \neq C_{k-1}$, then $C \in N_k$ fulfills the claim. Otherwise, $C = C_{k-1} = S(x), \Gamma_1 \to P(t[x]_p)$ and hence, $s = skt(t[x]_p)\sigma$ and $S(s'') \in I$ for $s = s[s'']_p$. Then by the induction hypothesis, there exist a clause $C_S = \Gamma_S \to \Delta_S, S(t_S) \in N_{k-1}$ and a substitution $\sigma_S$ such that $s'' = skt(t_S)\sigma_S$ and for each variable $x$ and predicate $S'$ with $C_S = S'(x), \Gamma'_S \to \Delta_S, P(t_S[x]_q)$, $S'(s''') \in I$, where $s'' = s''[s''']_q$. By construction, $C_S =$ Thus, $s'' = skt(s')\sigma_S$ and $s = skt(t[x]_p)\sigma$ imply there exists a $\sigma''$ such that $s = skt(t[s']_p)\sigma''$. Furthermore since $\Gamma_1 \cup \Gamma_2 = \Gamma''$, if $C_k = S'(x), \Gamma''' \to P(t[s']_p)[x]_q$, then either $S'(x) \in \Gamma_1$ and thus $S'(s'''') \in I$, where $s = s[s'''']_q$, or $S'(x) \in \Gamma_2$ and thus $S'(s'''') \in I$, where $s[s'']_p = (s[s'']_p)[s'''']_q$. Hence, $C_k \in N_k$ fulfills the claim.

Lemma 4 Let $N$ be a clause set and $N'$ be its approximation via $\Rightarrow_{APR}$. Let $N'$ be satisfiable and $I$ be a minimal model for $N'$. If $P(s) \in I$ ($T(f_P(s_1,\ldots,s_n)) \in I$) and $P$ is a predicate in $N$, then there exist a clause $\Gamma \to \Delta, P(t) \in N$ ($\Gamma \to \Delta, P(t_1,\ldots,t_n) \in N$) and a substitution $\sigma$ such that $s = skt(t)\sigma$ ($s_i = skt(t_i)\sigma$ for all $i$).

Proof. Let $P_1, \ldots, P_n$ be the non-monadic predicates in $N$ and $N_{MO} = \mu_{P_1}(\ldots(\mu_{P_n}(N)))$. Then, $N_{MO}$ is monadic and also has $N'$ as its approximation via $\Rightarrow_{APR}$.

Let $P(s) \in I$ and $P$ is a predicate in $N$. Since $P$ is monadic, $P$ is a predicate in $N_{MO}$. Hence by Lemma 3, there exists a clause $\Gamma \to \Delta, P(t) \in N_{MO}$ and a substitution $\sigma$ such that $s = skt(t)\sigma$. Then, $\mu^{-1}_{P_1}(\ldots(\mu^{-1}_{P_n}(\Gamma \to \Delta, P(t)))\ldots) = \mu^{-1}_{P_1}(\ldots(\mu^{-1}_{P_n}(\Gamma))\ldots) \to \mu^{-1}_{P_1}(\ldots(\mu^{-1}_{P_n}(\Delta))\ldots), P(t) \in N$ fulfills the claim.

Let $T(f_P(s_1,\ldots,s_n)) \in I$ and $P$ is a predicate in $N$. $T$ is monadic and a predicate in $N_{MO}$. Hence by Lemma 3, there exists a clause $\Gamma \to \Delta, T(t) \in N_{MO}$ and a substitution $\sigma$ such that $f_P(s_1,\ldots,s_n) = skt(t)\sigma$. Therefore, $t = f_P(t_1,\ldots,t_n)$ with $s_i = skt(t_i)\sigma$ for all $i$. Then, $\mu^{-1}_{P_1}(\ldots(\mu^{-1}_{P_n}(\Gamma \to \Delta, T(f_P(t_1,\ldots,t_n))))\ldots) = \mu^{-1}_{P_1}(\ldots(\mu^{-1}_{P_n}(\Gamma))\ldots) \to \mu^{-1}_{P_1}(\ldots(\mu^{-1}_{P_n}(\Delta))\ldots), P(t_1,\ldots,t_n) \in N$ fulfills the claim.

The above lemma also holds if satisfiability of $N'$ is dropped and $I$ is replaced by the superposition partial minimal model operator [13].

3 Lifting the Conflicting Core 

Given a monadic, linear, shallow, Horn approximation $N_k$ of $N$ and a conflicting core $N^\bot_k$ of $N_k$, using the transformations provided in this section we attempt to lift $N^\bot_k$ to a conflicting core of $N$. In case of success this shows the unsatisfiability of $N$. In case an approximation step cannot be lifted the original clause set is refined by instantiation, explained in the next section.

Let $N_k$ be an unsatisfiable monadic, linear, shallow, Horn approximation. Since $N_k$ belongs to a decidable first-order fragment, we expect an appropriate decision procedure to generate a proof of unsatisfiability for $N_k$, e.g., ordered resolution with selection [13]. A conflicting core can be straightforwardly generated out of a resolution refutation by applying the substitutions of the proof to the used input clauses.

Starting with a resolution refutation, in order to construct the conflicting core, we begin with the singleton set containing the pair of empty clause and the empty substitution. Furthermore, we assume that all input clauses from $N_k$ used in the refutation are variable disjoint. Then we recursively choose a pair $(C, \sigma)$ from the set where $C \notin N_k$. There exists a step in the refutation that generated this clause. In the case of a resolution inference, there are two parent clauses $C_1$ and $C_2$ in the refutation and two substitutions $\sigma_1$ and $\sigma_2$ such that $C$ is the resolvent of $C_1\sigma_1$ and $C_2\sigma_2$. In the case of a factoring inference, there is one parent clause $C'$ in the refutation and a substitution $\sigma'$ such that $C$ is the factor of $C'\sigma'$. Replace $(C, \sigma)$ by $(C_1, \sigma_1\sigma)$ and $(C_2, \sigma_2\sigma)$ or by $(C', \sigma'\sigma)$ respectively. The procedure terminates in linear time in the size of the refutation. For each pair $(C, \sigma)$, collect the clause $C\sigma$, resulting in a conflicting core $N^\bot_k$ of $N_k$.

Example 1 Let $N = \{P(x, x');\ P(y, a), P(z, b) \to\}$ with signature $\Sigma = a/0, b/0$. $N$ is unsatisfiable and a possible resolution refutation is resolving $P(b, a)$ and $P(a, b)$ with $P(b, a), P(a, b) \to$. From this we get the conflicting core $\{P(b, a);\ P(a, b);\ P(b, a), P(a, b) \to\}$.

An alternative refutation is to resolve $P(x, x')$ and $P(y, a), P(z, b) \to$ with substitution $\{x \mapsto y, x' \mapsto a\}$ and then the resolvent and $P(x, x')$ with substitution $\{x \mapsto z, x' \mapsto b\}$. From this refutation we construct the conflicting core $N^\bot_{yz} = \{P(y, a);\ P(z, b);\ P(y, a), P(z, b) \to\}$.

Note that in Example 1 $N^\bot_{yz}$ is more general than since $N^\bot_{yz}\{y \mapsto b; z \mapsto a\}$ = N/^. A conflicting core is minimal in that it represents the most general clauses corresponding to the refutation from which it is generated.
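
The construction described before Example 1, run on both refutations of that example, as an added Python example (not code from the paper). The `Step` class, the tuple encoding of clauses, the renamed copy P(u, u') of the first input clause and the premise substitutions are constructed here to encode those two refutations.

```python
# A variable is a str, a function application is a tuple (symbol, arg, ...); the
# constant a is ("a",). A clause is (negative_atoms, positive_atoms) as tuples.

def subst(t, sigma):
    """Apply the substitution sigma (dict: variable -> term) to a term or atom."""
    if isinstance(t, str):
        return sigma.get(t, t)
    return (t[0],) + tuple(subst(arg, sigma) for arg in t[1:])

def compose(first, then):
    """The substitution that applies `first` and afterwards `then`."""
    out = {v: subst(t, then) for v, t in first.items()}
    out.update({v: t for v, t in then.items() if v not in first})
    return out

def instantiate(clause, sigma):
    neg, pos = clause
    return (tuple(subst(x, sigma) for x in neg), tuple(subst(x, sigma) for x in pos))

class Step:
    """A refutation node: an input clause (no premises) or an inference whose
    premises are (parent_step, substitution applied to that parent) pairs."""
    def __init__(self, clause, premises=()):
        self.clause, self.premises = clause, tuple(premises)

def conflicting_core(root):
    """Start from (empty clause, empty substitution); replace each derived clause
    by its parents with composed substitutions; collect C sigma for input clauses."""
    core, work = set(), [(root, {})]
    while work:
        step, sigma = work.pop()
        if not step.premises:
            core.add(instantiate(step.clause, sigma))
        for parent, sigma_i in step.premises:
            work.append((parent, compose(sigma_i, sigma)))
    return core

a, b = ("a",), ("b",)
C1 = Step(((), (("P", "x", "x'"),)))                 # P(x, x')
C1_COPY = Step(((), (("P", "u", "u'"),)))            # variable-disjoint copy
C2 = Step(((("P", "y", a), ("P", "z", b)), ()))      # P(y, a), P(z, b) ->

def general_refutation():
    """Second refutation of Example 1: unify with the variables y and z."""
    r1 = Step(((("P", "z", b),), ()), [(C1, {"x": "y", "x'": a}), (C2, {})])
    return Step(((), ()), [(C1_COPY, {"u": "z", "u'": b}), (r1, {})])

def ground_refutation():
    """First refutation of Example 1: resolve the ground instances P(b,a), P(a,b)."""
    r1 = Step(((("P", "z", b),), ()), [(C1, {"x": b, "x'": a}), (C2, {"y": b})])
    return Step(((), ()), [(C1_COPY, {"u": a, "u'": b}), (r1, {"z": a})])

if __name__ == "__main__":
    print(sorted(conflicting_core(general_refutation())))
    print(sorted(conflicting_core(ground_refutation())))
```

Instantiating the core of the general refutation with {y ↦ b; z ↦ a} yields the core of the ground refutation, which is the relation stated in the note above.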
Lifting the Monadic Transformation. Since the Monadic transformation is satisfiability preserving, lifting always succeeds by replacing any $T(f_P(t_1,\ldots,t_n))$ atoms in the core by $P(t_1,\ldots,t_n)$.

Example 2 Let $N_0 = \{P(x, x');\ P(y, a), P(z, b) \to\}$. Then $N_k = \{T(f_P(x, x'));\ T(f_P(y, a)), T(f_P(z, b)) \to\}$ is a Monadic transformation of $N_0$ and a conflicting core is $N^\bot_k = \{T(f_P(y, a));\ T(f_P(z, b));\ T(f_P(y, a)), T(f_P(z, b)) \to\}$. Reverting the atoms in $N^\bot_k$ gives $N^\bot = \{P(y, a);\ P(z, b);\ P(y, a), P(z, b) \to\}$ a conflicting core of $N_0$.

Lemma 5 (Lifting the Monadic Transformation) Let $N_k \Rightarrow^*_{MO} N_{k+1}$ be the transformation that exactly removes all occurrences of atoms $P(t_1,\ldots,t_n)$ and replaces those by atoms $T(f_P(t_1,\ldots,t_n))$. If $N^\bot_{k+1}$ is a conflicting core for $N_{k+1}$ then there is a conflicting core $N^\bot_k$ of $N_k$.

Proof. Since the Monadic transformation is satisfiability preserving, unsatisfiability of $N_{k+1}$ directly implies unsatisfiability of $N_k$ and the existence of a conflicting core of $N_k$.

Lifting the Horn Transformation. For a Horn transformation there are 
two ways for lifting. The first, directly lifting the core, only succeeds in special 
cases, where the original clause and its approximation are equivalent for the 
instantiations appearing in the core. 

Example 3 Let $N_0 = \{P(a, b) \to;\ P(x, b), P(a, y)\}$. Then $N_k = \{P(a, b) \to;\ P(x, b)\}$ is a Horn transformation of $N_0$ and a conflicting core is $N^\bot_k = \{P(a, b) \to;\ P(a, b)\}$. By substituting $y$ with $b$, $N^\bot_k$ lifts to $N^\bot = \{P(a, b) \to;\ P(a, b), P(a, b)\}$ a conflicting core of $N_0$.

Lemma 6 (Lifting the Horn Transformation (direct)) Let $N_k \Rightarrow_{HO} N_{k+1}$ where $N_k = N \cup \{\Gamma \to E_1,\ldots,E_n\}$ and $N_{k+1} = N \cup \{\Gamma \to E_i\}$. Let $N^\bot_{k+1}$ be a conflicting core of $N_{k+1}$. If for all $(\Gamma \to E_i)\sigma_j \in N^\bot_{k+1}$, $1 \le j \le m$ there is a substitution $\sigma'_j$ such that $N_j\tau_j \models (\Gamma \to E_1,\ldots,E_n)\sigma'_j \to (\Gamma \to E_i)\sigma_j$, such that $N_j \subseteq N_k$ and $N_j\tau_j \cup \{(\Gamma \to E_1,\ldots,E_n)\sigma'_j, \neg(\Gamma \to E_i)\sigma_j\}$ is a conflicting core, then $N^\bot_{k+1} \setminus \{(\Gamma \to E_i)\sigma_j \mid 1 \le j \le m\} \cup \{(\Gamma \to E_1,\ldots,E_n)\sigma'_j \mid 1 \le j \le m\} \cup \bigcup_j N_j\tau_j$ is a conflicting core of $N_k$.

Proof. Let $\sigma$ be a grounding substitution for $N^\bot_k$ and $N^\bot_{k+1}$. Since $N_k \models (\Gamma \to E_1,\ldots,E_n)\sigma'_j \to (\Gamma \to E_i)\sigma_j$, $N^\bot_k\sigma \models N^\bot_k\sigma \cup \{(\Gamma \to E_i)\sigma_j \mid 1 \le j \le m\}\sigma \models N^\bot_{k+1}\sigma$. Hence, $N^\bot_k\sigma$ is unsatisfiable because $N^\bot_{k+1}\sigma$ is unsatisfiable. Therefore, $N^\bot_k$ is a conflicting core of $N_k$.

Of course, the condition $N_j\tau_j \models (\Gamma \to E_1,\ldots,E_n)\sigma'_j \to (\Gamma \to E_i)\sigma_j$ itself is undecidable, in general. The above lemma is meant to be a justification for the cases where this relation can be decided, e.g., by reduction. In general, the next lemma applies. We assume any non-Horn clauses have exactly two positive literals. Otherwise, we would have first redefined pairs of positive literals using fresh predicates. Further assume w.l.o.g. that Horn transformation always chooses the first positive literal of a non-Horn clause.

The indirect method uses the information from the conflicting core to re¬ 
place the non-Horn clause with a satisfiable equivalent unit clause, which is then 
solved recursively. Since this unit clause is already Horn, we lifted one Horn 
approximation step. 

Example 4 Let $N_k = \{P(a), Q(a);\ P(x) \to\}$. The Horn transformation $N_k = \{P(a);\ P(x) \to\}$ has a conflicting core $N^\bot_k = \{P(a);\ P(a) \to\}$. $N^\bot_k$ abstracts a resolution refutation with $\bot$ as the result. If we replace $P(a)$ with $P(a), Q(a)$ in such a refutation, the result will be $Q(a)$ instead and hence $N_k \models Q(a)$. Since $Q(a)$ subsumes $P(a), Q(a)$, $N_k$ is satisfiable if $N'_k = \{Q(a);\ P(x) \to\}$ is too.

Lemma 7 (Lifting the Horn Transformation (indirect)) Let $N$ be a set of variable disjoint clauses, $N \Rightarrow^*_{APR} N_k \Rightarrow_{HO} N_{k+1}$, $N_k = N \cup \{\Gamma \to E_1, E_2\}$ and $N_{k+1} = N \cup \{\Gamma \to E_1\}$ and $N^\bot_{k+1}$ be a conflicting core of $N_{k+1}$ where Lemma 6 does not apply. Let $(\Gamma \to E_1)\sigma \in N^\bot_{k+1}$, where $\sigma$ is a variable renaming and $N_j\tau_j \not\models (\Gamma \to E_1, E_2)\sigma' \to (\Gamma \to E_1)\sigma$ for any $N_j \subseteq N_k$, $\tau_j$ and $\sigma'$. If there exists a conflicting core $N^\bot$ of $N \cup \{E_2\}$, then a conflicting core of $N_k$ exists.

Proof. From the conflicting core $N^\bot_{k+1}$ we can conclude that there exists an unsatisfiability proof of $N_{k+1}$ which derives $\bot$ and uses $(\Gamma \to E_1)\sigma$ as the only instance of $\Gamma \to E_1$. If we were to replace $(\Gamma \to E_1)\sigma$ by $(\Gamma \to E_1, E_2)\sigma$, the unsatisfiability proof's root clause would instead be $E_2\sigma$. Hence, we know that $N_k \models N_k \cup \{E_2\sigma\}$. Furthermore, $N_k \models\ \cup \{E_2\sigma\}$ since $E_2\sigma$ subsumes $\Gamma \to E_1, E_2$.

Let p 20 'j G N-^ for 1 < j < m and N^^ = \ {(P —>• Pi )cr} U {(P —>■ 

Pi, P 2 )cr} Then N-^ \ {p 20 ’j | 1 < j < m} U N^^aj is a conflict core of Nk. 

3 

Note that $N_k$ now again contains the non-Horn clause $\Gamma \to E_1, E_2$. Then, in a following indirect Horn lifting step $\Gamma \to E_1, E_2$ can not necessarily be again replaced by $E_2\sigma$. Hence, the indirect Horn lifting needs to be repeated.


Lifting the Shallow Transformation. A Shallow transformation introduces a new predicate $S$, which is removed in the lifting step. We take all clauses with $S$-atoms in the conflicting core and generate any possible resolutions on $S$-atoms. The resolvents, which don't contain $S$-atoms anymore, then replace their parent clauses in the core. Lifting succeeds if all introduced resolvents are instances of clauses before the shallow transformation.

Example 5 Let $N_0 = \{P(x), Q(y) \to R(x, f(y));\ P(a);\ Q(b);\ R(a, f(b)) \to\}$. Then $N_k = \{S(x'), P(x) \to R(x, x');\ Q(y) \to S(f(y));\ P(a);\ Q(b);\ R(a, f(b)) \to\}$ is a Shallow transformation of $N_0$ and a conflicting core is $N^\bot_k = \{S(f(b)), P(a) \to R(a, f(b));\ Q(b) \to S(f(b));\ P(a);\ Q(b);\ R(a, f(b)) \to\}$. By replacing $S(f(b)), P(a) \to R(a, f(b))$ and $Q(b) \to S(f(b))$ with the resolvent, $N^\bot_k$ lifts to $N^\bot = \{P(a), Q(b) \to R(a, f(b));\ P(a);\ Q(b);\ R(a, f(b)) \to\}$ a conflicting core of $N_0$.

Lemma 8 (Lifting the Shallow Transformation) Let $N_k \Rightarrow_{SH} N_{k+1}$ where $N_k = N \cup \{\Gamma \to E[s]_p\}$ and $N_{k+1} = N \cup \{S(x), \Gamma_1 \to E[x]_p\} \cup \{\Gamma_2 \to S(s)\}$. Let $N^\bot_{k+1}$ be a conflicting core of $N_{k+1}$. Let $N_S$ be the set of all resolvents from clauses from $N^\bot_{k+1}$ on the $S$ literal. If for all clauses $C_j \in N_S$, $1 \le j \le m$ there is a substitution $\sigma_j$ such that $C_j = (\Gamma \to E[s]_p)\sigma_j$ then $N^\bot_{k+1} \setminus \{C \mid C \in N^\bot_{k+1}$ and contains an $S$-atom$\} \cup \{(\Gamma \to E[s]_p)\sigma_j \mid 1 \le j \le m\}$ is a conflicting core of $N_k$.

Proof. Let $\sigma$ be a grounding substitution for $N^\bot_k$ and $N^\bot_{k+1}$ and $I$ be an interpretation. As $N^\bot_{k+1}\sigma$ is unsatisfiable, there is a clause $D \in N^\bot_{k+1}\sigma$ such that $I \not\models D$.

If $D$ does not contain an $S$-atom, then $D \in N^\bot_k\sigma$ and hence $I \not\models N^\bot_k\sigma$.

Now assume only clauses that contain $S$-atoms are false under $I$. By construction, any such clause is equal to either $(S(x), \Gamma_1 \to E[x]_p)\sigma' = C_1\sigma'$ or $(\Gamma_2 \to S(s))\sigma' = C_2\sigma'$ for some substitution $\sigma'$. Let $I' := \{S(s)\sigma' \mid C_2\sigma' \in N^\bot_{k+1}\sigma$ and $I \not\models C_2\sigma'\} \cup I \setminus \{S(x)\sigma' \mid C_1\sigma' \in N^\bot_{k+1}\sigma$ and $I \not\models C_1\sigma'\}$, i.e., we change the truth value for $S$-literals such that the clauses unsatisfied under $I$ are satisfied under $I'$.

Since $I$ and $I'$ only differ on literals with predicate $S$ and $N^\bot_{k+1}\sigma$ is unsatisfiable, some clause $C$, containing an $S$-atom and satisfied under $I$, has to be false under $I'$.

Let $C = C_1\sigma_1$. Since $I \models C$, $S(x)\sigma_1$ was added to $I'$ by some clause $D = C_2\sigma_2$, where $S(s)\sigma_2 = S(x)\sigma_1$. Hence, $C$ and $D$ can be resolved on their $S$-literals and the resolvent $R$ is in $N^\bot_k\sigma$. Since $I \not\models D$, $I' \not\models C$ and $R$ contains no $S$-atom, $I \not\models R$ and therefore $I \not\models N^\bot_k\sigma$.

For $C = C_2\sigma_2$ the proof is analogous.

Thus, for all interpretations $I$ and grounding substitutions $\sigma$, $I \not\models N^\bot_k\sigma$ and hence $N^\bot_k$ is a conflicting core of $N_k$.


Lifting the Linear Transformation. In order to lift a Linear transformation the remaining and the newly introduced variable need to be instantiated with the same term.

Example 6 Let $N_{k-1} = \{P(x, x);\ P(y, a), P(z, b) \to\}$. Then $N_k = \{P(x, x');\ P(y, a), P(z, b) \to\}$ is a Linear transformation of $N_{k-1}$ and $N^\bot_k = \{P(a, a);\ P(b, b);\ P(a, a), P(b, b) \to\}$ is a conflicting core of $N_k$. Since $P(a, a)$ and $P(b, b)$ are instances of $P(x, x)$ lifting succeeds and $N^\bot_k$ is also a core of $N_{k-1}$.

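Lemma 9 (Lifting the Linear Transformation) Let $N_k \Rightarrow_{LI} N_{k+1}$ where $N_k = N \cup \{\Gamma \to E[x]_{p,q}\}$ and $N_{k+1} = N \cup \{\Gamma\{x \mapsto x'\}, \Gamma \to E[x']_q\}$. Let $N^\bot_{k+1}$ be a conflicting core of $N_{k+1}$. If for all $(\Gamma\{x \mapsto x'\}, \Gamma \to E[x']_q)\sigma_j \in N^\bot_{k+1}$, $1 \le j \le m$ we have $x\sigma_j = x'\sigma_j$ then $N^\bot_{k+1} \setminus \{(\Gamma\{x \mapsto x'\}, \Gamma \to E[x']_q)\sigma_j \mid 1 \le j \le m\} \cup \{(\Gamma \to E[x]_{p,q})\sigma_j \mid 1 \le j \le m\}$ is a conflicting core of $N_k$.

Proof. Let $\sigma$ be a grounding substitution for $N^\bot_k$ and $N^\bot_{k+1}$. As $x\sigma_j = x'\sigma_j$ for $1 \le j \le m$, $(\Gamma \to E[x]_{p,q})\sigma_j\sigma \models (\Gamma, \Gamma \to E[x]_{p,q})\sigma_j\sigma = (\Gamma\{x \mapsto x'\}, \Gamma \to E[x']_q)\sigma_j\sigma$. Hence, $N^\bot_k\sigma \models N^\bot_k\sigma \cup \{(\Gamma\{x \mapsto x'\}, \Gamma \to E[x']_q)\sigma_j\sigma \mid 1 \le j \le m\} \models N^\bot_{k+1}\sigma$. Since $N^\bot_{k+1}\sigma$ is unsatisfiable $N^\bot_k\sigma$ is unsatisfiable as well. Therefore, $N^\bot_k$ is a conflicting core of $N_k$.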


Lifting with Instantiation. By definition, if $N^\bot$ is a conflicting core of $N$, then $N^\bot\tau$ is also a conflicting core of $N$ for any $\tau$. Example 7 shows it is sometimes possible to instantiate a conflicting core, where no lifting lemma applies, into a core, where one does. This then still implies a successful lifting.

Example 7 Let $N_{k-1} = \{P(x, x);\ P(y, a), P(z, b) \to\}$. Then $N_k = \{P(x, x');\ P(y, a), P(z, b) \to\}$ is a Linear transformation of $N_{k-1}$ and $N^\bot_k = \{P(y, a);\ P(b, b);\ P(y, a), P(b, b) \to\}$ is a conflicting core of $N_k$. Since for $P(y, a) = P(x, x')\sigma$ $x\sigma = y \neq a = x'\sigma$ Lemma 9 is not applicable.

However, Lemma 9 can be applied on $N^\bot_k\{y \mapsto a; z \mapsto b\} = \{P(a, a);\ P(b, b);\ P(a, a), P(b, b) \to\}$.

4 Approximation Refinement 

In the previous section, we have presented the lifting process. If, however, in 
one of the lifting steps conditions of the lemma are not met, lifting fails and we 
now refine the original clause set in order to rule out the non-liftable conflicting 
core. Again, since lifting fails at one of the approximation steps, we consider the 
different approximation steps for refinement. 


Linear Approximation Refinement. A Linear transformation enables further instantiations of the abstracted clause compared to the original, that is, two variables that were the same can now be instantiated differently. If the conflicting core of the approximation contains such instances the lifting fails.

Definition 7 (Linear Approximation Refinement) Let $N$ be a set of variable disjoint clauses, $N \Rightarrow^*_{APR} N_k \Rightarrow_{LI} N_{k+1}$ and $N^\bot_{k+1}$ be a conflicting core of $N_{k+1}$ where Lemma 9 does not apply. Let $C'\sigma = (\Gamma\{x \mapsto x'\}, \Gamma \to E[x']_q)\sigma \in N^\bot_{k+1}$ such that $x\sigma$ and $x'\sigma$ have no common instances. Let $C \in N$ be the ancestor of $C' \in N_{k+1}$. Then the linear approximation refinement of $N$, $C$, $x$, $x'$, $\sigma$ is the clause set $N \setminus \{C\} \cup \{C\tau_1, \ldots, C\tau_n\}$ where the $C\tau_i$ are the specific instances of $C$ with respect to the substitutions $\{x \mapsto x\sigma\}$ and $\{x \mapsto x'\sigma\}$.

Note that if there is no $C'\sigma$, where $x\sigma$ and $x'\sigma$ have no common instances, it implies that there is a substitution $\tau$ where Lemma 9 applies on $N^\bot_{k+1}\tau$. Hence, is a liftable conflicting core.

Let $N_0 \Rightarrow^*_{APR} N_{k-1} = N \cup \{\Gamma \to E[x]_{p,q}\} \Rightarrow_{LI} N_k = N \cup \{\Gamma\{x \mapsto x'\}, \Gamma \to E[x']_q\}$ and the core $N^\bot_k$ of $N_k$ contains the clause $C'\sigma = (\Gamma\{x \mapsto x'\}, \Gamma \to E[x']_q)\sigma$, where $x\sigma$ and $x'\sigma$ have no common instances. After applying Linear Approximation Refinement, there are $C\tau_i$ and $C\tau_j$ with $i \neq j$ such that $C\tau_i$ contains all instances where $\{x \mapsto x\sigma\}$ and $C\tau_j$ contains all instances where $\{x \mapsto x'\sigma\}$. Assume there is a $C''$ with an ancestor $C\tau$ such that $C'\sigma$ is an instance of $C''$. This would imply that $C\tau$ has instances, where $\{x \mapsto x\sigma\}$ and $\{x \mapsto x'\sigma\}$. Then $C\tau_i = C\tau = C\tau_j$, which is a contradiction to Definition 2.

Example 8 Let $N_0 = \{P(x,x);\ P(y,a), P(z,b) \to\}$. Then $N_k = \{P(x,x');\ P(y,a), P(z,b) \to\}$ is a Linear transformation of $N_0$ and $N^\bot = \{P(a,a);\ P(a,b);\ P(a,a), P(a,b) \to\}$ is a conflicting core of $N_k$.

Due to $P(a,b) = P(x,x')\{x \mapsto a, x' \mapsto b\}$ lifting fails. The Linear Approximation Refinement replaces $P(x,x)$ in $N_0$ with $P(a,a)$ and $P(b,b)$. In the refined approximation $N'_k = \{P(a,a);\ P(b,b);\ P(y,a), P(z,b) \to\}$ the violating clause $P(a,b)$ is not an instance of $N'_k$ and hence, the not-liftable conflicting core $N^\bot$ cannot be found again.
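The check and refinement of Example 8 can be replayed mechanically. The following Python sketch is an added example, not code from the paper: it handles single-atom clauses and ground core atoms only, assumes the signature {a/0, b/0} for Example 8, and uses a hypothetical `refine` helper that splits a variable by top symbol as a stand-in for the paper's specific instances (the same split reproduces the four instances listed in Example 9).

```python
# Added illustration (not the paper's code). A variable is a str; a constant or
# function application is a tuple (symbol, arg1, ..., argn), e.g. a is ("a",).

def is_var(t):
    return isinstance(t, str)

def apply_sub(t, sub):
    """Apply substitution sub (dict: variable -> term) to term t."""
    if is_var(t):
        return sub.get(t, t)
    return (t[0],) + tuple(apply_sub(s, sub) for s in t[1:])

def match_term(pattern, term, sub=None):
    """Return sigma with pattern*sigma == term, or None if term is no instance."""
    sub = dict(sub or {})
    if is_var(pattern):
        return sub if sub.setdefault(pattern, term) == term else None
    if is_var(term) or pattern[0] != term[0] or len(pattern) != len(term):
        return None
    for p, s in zip(pattern[1:], term[1:]):
        sub = match_term(p, s, sub)
        if sub is None:
            return None
    return sub

def linearize(t, origin=None, seen=None):
    """Linear transformation of one atom: every repeated occurrence of a
    variable gets a fresh name; origin maps fresh variable -> original."""
    origin = {} if origin is None else origin
    seen = set() if seen is None else seen
    if is_var(t):
        if t not in seen:
            seen.add(t)
            return t, origin
        fresh = t + "'" * (1 + list(origin.values()).count(t))
        origin[fresh] = t
        return fresh, origin
    args = tuple(linearize(s, origin, seen)[0] for s in t[1:])
    return (t[0],) + args, origin

def lifting_conflicts(atom, core_atom):
    """For a ground core atom, list (x, x', x*sigma, x'*sigma) with differing
    images; None means core_atom is no instance of the linearized atom."""
    lin, origin = linearize(atom)
    sigma = match_term(lin, core_atom)
    if sigma is None:
        return None
    return [(x, xp, sigma[x], sigma[xp])
            for xp, x in origin.items() if sigma[x] != sigma[xp]]

def refine(atom, x, signature):
    """Assumed stand-in for specific instantiation: split atom on x with one
    instance x -> h(x1, ..., xn) per symbol h/n of the signature."""
    return [apply_sub(atom, {x: (sym,) + tuple(f"{x}{i + 1}" for i in range(n))})
            for sym, n in signature]

a, b = ("a",), ("b",)
P_xx = ("P", "x", "x")                      # P(x,x) from N0 in Example 8
core_atom = ("P", a, b)                     # P(a,b) from the conflicting core
conflicts = lifting_conflicts(P_xx, core_atom)
refined = refine(P_xx, "x", [("a", 0), ("b", 0)])   # signature {a/0, b/0} assumed

if __name__ == "__main__":
    print("blocking pairs:", conflicts)
    print("refined clauses:", refined)
    print("P(a,b) still reachable:",
          [lifting_conflicts(c, core_atom) is not None for c in refined])
```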

Shallow Approximation Refinement. The Shallow transformation is somewhat more complex than linear transformation, but the idea behind it is very similar to the linear case. As mentioned before, the Shallow transformation can always be lifted if the set of common variables $\mathrm{vars}(\Gamma_2, s) \cap \mathrm{vars}(\Gamma_1, E[x]_p)$ is empty. Otherwise, each such variable potentially introduces instantiations that are not liftable.

Definition 8 (Shallow Approximation Refinement) Let N be a set of vari¬ 
able disjoint clauses, N ^sh A^fc+i and be a conflicting core of 

Nk+i where Lemma\^ does not apply. Let Cp be the resolvent from the final Shal¬ 
low rule application such that Cp (T —>■ E[s]p)ap for any ap. Let CiCTi € 
and C 20'2 S A^j^ be the parent clauses of Cp. Let y € dom{ai) fi dom{a 2 ), 
where yai and ya 2 have no common instances. Let C G N be the Ancestor of 
Cl G Afc+i. Then the shallow approximation refinement of N, C, x, ui, 02 is 
the clause set A \ {C} U {Cri,..., Cxn} where the Cxi are the specific instances 
of C with respect to the substitutions {cc 1 -^ xai} and {x 1 -^ xa 2 }. 

As in Linear Approximation Refinement, if for every resolvent Cpa yai and 
2/(72 have common instances, it implies that there is a substitution r where 
Lemma [5] applies on A^j^r. After applying Shallow Approximation Refinement, 
there are Cxi and Cxj with i j such that Cxi contains all instances where 
{x I—>• xai} and Cxj contains all instances where {x 1 —>■ xa 2 }. Hence, Cxi is 
now the ancestor of CiCTi, while Cxj is the ancestor of C 2 <J 2 - Since they have 
different ancestors, they can no longer be resolved on their S'-atoms which now 
have different predicates. Hence Cp is no longer a resolvent in the conflicting 
core. 

Example 9 Let $N_0 = \{P(f(x,g(x)));\ P(f(a,g(b))) \to\}$ with signature $\Sigma = a/0, b/0, g/1, f/2$. Then $N_k = \{S(z) \to P(f(x,z));\ S(g(y));\ P(f(a,g(b))) \to\}$ is a Shallow transformation of $N_0$ and $N^\bot = \{S(g(b)) \to P(f(a,g(b)));\ S(g(b));\ P(f(a,g(b))) \to\}$ is a conflicting core of $N_k$.

The clauses $S(g(b)) \to P(f(a,g(b)))$ and $S(g(b))$ have the resolvent $P(f(a,g(b)))$, which is not an instance of $P(f(x,g(x)))$. The Shallow Approximation Refinement replaces $P(f(x,g(x)))$ in $N_0$ with $P(f(a,g(a)))$, $P(f(b,g(b)))$, $P(f(g(x),g(g(x))))$ and $P(f(f(x,y),g(f(x,y))))$.

The approximation of the refined $N_0$ is now satisfiable.

Horn Approximation Refinement. Lifting a core of a Horn transformation 
fails, if the positive literals removed by the Horn transformation are not dealt 
with in the approximated proof. Since Lemma [7] only handles cases where the 
approximated clause appears uninstantiated in the conflicting core, the Horn 
Approximation Refinement is used to ensure such a core exists. 

Definition 9 (Horn Approximation Refinement) Let N be a set of vari¬ 
able disjoint clauses, N Nk =^ho Nk = N U {P —>■ Ei,E 2 } 

and Nk+i = N Li {P Ei} and be a conflicting core of Nk+i where 

Lemmas [1 and do not apply. Let {P Ei)a € be a clause from 

the final Horn rule application such that a is not a variable renaming and 
{P ^ Ei,E 2 )cr'j -)• (H ^ Ei)a for any N^ C Nk,Tj and a'j. Let 
C € N he the Ancestor of P Ei £ Nk+i and a' a substitution such that aa' 
is linear for C. Then the horn approximation refinement I of N, C, a, a' is 
the clause set N \ {C} U {Ccrcr', Cti, ... ,CTn} where the Cxi are the specific 
instances of C with respect to the substitutions aa'. 

Note that the condition for the extended version of specific instantiation to have a finite representation is not generally met by an arbitrary $\sigma$. Therefore, $\sigma$ may need to be further instantiated or even made ground. After the Horn Approximation Refinement, Lemma [7] can be applied on the clause with ancestor $C\sigma\sigma'$.

Example 10 Let $N_0 = \{P(x), Q(x);\ P(a) \to\}$ with signature $\Sigma = a/0, f/1$. The Horn transformation $N_k = \{P(x);\ P(a) \to\}$ has a conflicting core $N_k^\bot = \{P(a);\ P(a) \to\}$. We pick $\to P(a)$ as the instance of $P(x) \in N_k$ to use for the Horn Approximation Refinement. The result is $N_0 = \{P(a), Q(a);\ P(f(x)), Q(f(x));\ P(a) \to\}$ and its approximation also has $N_k^\bot$ as a conflicting core. However, now Lemma [7] applies.

Lemma 10 (Completeness) Let N be an unsatisfiable clause set and Nk its 
approximation. Then, there exists a conflicting core of Nk that can be lifted to 
N. 

Proof, by induction on the number k of approximation steps. The case fc = 0 is 
obvious. For fc > 0, let N Nk-i ^apr Nk. By the inductive hypothesis, 

there is a conflicting core N^_.y of Nk-i which can be lifted to N. 

The final approximation rule application is either a Linear, a Shallow, a Horn 
or a Monadic transformation, considered below by case analysis. 
Linear Case. Let N Nk-i = N' \J {F E[x]p^q} =>li Nk = N' Li 

{C{a; I—>■ x'}, r —>■ E[x']q}. For every {F —>■ E[x\p^q)aj € Nj^_^ ^ < j < m, {F ^ 
E[x]p^q)aj \= {F{x 1 -^ x'}, F ^ £'[a;']q)({a:'>->■ a:}crj). Hence \{(F —>■ 

E[x]p^q)aj I 1 < j < m} U {{F{x i—>■ x'},F —>■ E[x']q){x' i—>■ x}aj | 1 < j < m} 
is a conflicting core of Nj^. By Lemma IHl can be lifted back to Hence, 

the conflicting core Nj^ can be lifted to N. 

Shallow Case. Let N =^>^pp iVfc-i = iV' U {C —> ii^[s]p} ^sh Nk = N' Li 
{S{x),Fi E[x]p} U {F2 5'(s)}. We construct Ng from by replacing 

every {F — >• E[s]p)aj G N^_-^ ^ < j "£ mn with {Sj{x),Fi — >■ E[x]p)aj and 
{F2 —>■ Sj{s))aj. Ng is a conflicting core, which by m applications of Lemma [8] 
on each Sj can be lifted to From Ng we get by renaming every Sj 

into S, which is a conflicting core of Nk- The existence of Ng shows that Nj^ 
can be lifted to Nj^_-^. 

Horn Case. W.l.o.g. let N =>^pp Nk-i = N' Li {F —>• Ei,E 2 } ^ho Nk = 
N'U{F ^ El}. LetC = F^ Ei,E 2 and C = F ^ Ei. If Ca G N^_^ holds 
for at most one ct, we construct N^ from by replacing Ca with C a such 

that N^ C Nk- Since Ca subsumes Ca, N^ \= N^ U {Ca}. As Nj}- U {Ctr} is a 
superset of N^ is therefore a ground conflicting core of Nk. If C'a and Ca 

are already equivalent, N^ can be lifted to N^_.^. Otherwise, let be 

where Ca is instead replaced by i? 2 cr. Again since £’ 20 ' subsumes Ca, N{-^^ is a 
ground conflicting core. As shown before, (iV^:*:;^\{£ 2 CT})U(A^^\{C"cr}) = 
is a lifting from Nk to Nk-i. 

Assume Ccti G N^_^ and C'ct 2 G holds for cti ^ a 2 . In this case the original 
clause C can be specifically instantiated in such a way that Cai and Ca2 are 
no longer instances of the same clause, while Nj}-_^ remains a conflicting core. 
Hence, after finitely many such partitions eventually the first case will hold. 

Monadic Case. Let N ^^pp Nk-j ^mo where Nk-j has no occurrence 
of an atom T{fp(ti,..., tn)) and Nk no occurrence of an atom P{ti,..., tn) and 
all introduced atoms in the transformation are of the form T{fp(si,..., Sn))- By 
the inductive hypothesis, there is a ground conflicting core Nj}-_j of Nk-j which 
can be lifted to N. By Lemma [TJii) Monadic transformation preserves unsatis¬ 
fiability and therefore fJ.p{Ni}'_j) is a ground conflicting core of Nk. Hp{Nj}'_j) 
can be lifted to ^J^p^{^^p{N^_^)) = N^_j a conflicting core of Nk-j. 


The above lemma considers static completeness, i.e., it does not tell how the conflicting core that can eventually be lifted is found. One way is to enumerate all refutations of $N_k$ in a fair way. A straightforward fairness criterion is to enumerate the refutations by increasing term depth of the clauses used in the refutation. Since the decision procedure on the mslH fragment [12] generates only finitely many different non-redundant clauses not exceeding a concrete term depth with respect to the renaming of variables, eventually the liftable refutation will be generated.
5 Future and Related Work 


The condition for the lifting lemma for Shallow transformation (Lemma [5]) is stronger than necessary, as the following example shows.

Example 11 Let $N_0 = \{P(x,z), Q(y,z) \to R(x,f(y));\ P(a,a);\ P(a,b);\ Q(b,a), Q(b,b);\ R(a,f(b)) \to\}$ and $N_k = \{S(y), P(x,z) \to R(x,y);\ Q(y,z) \to S(f(y));\ P(a,a);\ P(a,b);\ Q(b,a), Q(b,b);\ R(a,f(b)) \to\}$ is a Shallow transformation of $N_0$. $N_0$ and $N_k$ are unsatisfiable and $N_k^\bot = \{S(f(b)), P(a,a) \to R(a,f(b));\ Q(b,a) \to S(f(b));\ S(f(b)), P(a,b) \to R(a,f(b));\ Q(b,b) \to S(f(b));\ P(a,a);\ P(a,b);\ Q(b,a), Q(b,b);\ R(a,f(b)) \to\}$ is a conflicting core of $N_k$. Lifting $N_k^\bot$ fails because the resolvent $P(a,a), Q(b,b) \to R(a,f(b))$ is not an instance of $P(x,z), Q(y,z) \to R(x,f(y))$. However, if we ignored the violating resolvents, it would result in the valid conflicting core $N_0^\bot = \{P(a,a), Q(b,a) \to R(a,f(b));\ P(a,b), Q(b,b) \to R(a,f(b));\ P(a,a);\ P(a,b);\ Q(b,a), Q(b,b);\ R(a,f(b)) \to\}$.

This does not break lifting. The shallow refinement will partition the clause in such a way that the resolvents that violate the lifting condition are one-by-one removed. In Example 11 the refinement would partition $P(x,z), Q(y,z) \to R(x,f(y))$ on the variable $z$. This will result in $S(f(b)), P(a,a) \to R(a,f(b))$ and $Q(b,b) \to S(f(b))$ containing different $S$-predicates and hence no longer being resolvable.

However, a refinement is not necessary to achieve this effect. The necessary information can be taken from the refutation and incorporated into the conflicting core during construction.

If a problem $N$ is unsatisfiable, not only does there exist an unsatisfiability proof but one where $S$-literals only occur on leaves. Such a proof can be found by an ordered resolution calculus through selecting negative $S$-literals and an ordering where positive $S$-literals are strictly maximal. Given such a setting a solver will only resolve a clause $S(x), \Gamma_1 \to E[x]_p$ with $\Gamma_2 \to S(s)$ on the $S$-atom and hence any $S$-atom will only appear at the leaves of the refutation.

In such a proof, we then uniquely rename the $S$-predicate in each pair of leaves. The conflicting core constructed from this proof then only allows resolutions on $S$-literals that also occur in the proof. On this core we can then check the lifting condition.

In Example 11 the core would then instead be $\{S_1(f(b)), P(a,a) \to R(a,f(b));\ Q(b,a) \to S_1(f(b));\ S_2(f(b)), P(a,b) \to R(a,f(b));\ Q(b,b) \to S_2(f(b));\ P(a,a);\ P(a,b);\ Q(b,a), Q(b,b);\ R(a,f(b)) \to\}$. This core is liftable to $N_0^\bot$ by Lemma [5].


Related Work. In "A theory of abstractions" [2] Giunchiglia and Walsh don't define an actual approximation but a general framework to classify and compare approximations, which are here called abstractions. They informally define abstractions as "the process of mapping a representation of a problem" that "helps deal with the problem in the original search space by preserving certain desirable properties" and "is simpler to handle".




In their framework an abstraction is a mapping between formal systems, i.e., a triple of a language, axioms and deduction rules, which satisfy one of the following conditions: An increasing abstraction (TI) $f$ maps theorems only to theorems, i.e., if $\alpha$ is a theorem, then $f(\alpha)$ is also a theorem, while a decreasing abstraction (TD) maps only theorems to theorems, i.e., if $f(\alpha)$ is a theorem, then $\alpha$ was also a theorem.

Furthermore, they define dual definitions for refutations, where not theorems but formulas that make a formal system inconsistent are considered. An increasing abstraction (NTI) then maps inconsistent formulas only to inconsistent formulas and vice versa for decreasing abstractions (NTD).

They list several examples of abstractions such as ABSTRIPS by Sacerdoti [10], a GPS planning method by Newell and Simon [7], Plaisted's theory of abstractions [9], propositional abstractions exemplified by Giunchiglia [1], predicate abstractions by Plaisted [9] and Tenenberg [11], domain abstractions by Hobbs [3] and Imielinski [4] and ground abstractions introduced by Plaisted [9].

With respect to their notions the approximation described in this paper is 
an abstraction where the desirable property is the over-approximation and the 
decidability of the fragment makes it simpler to handle. More specifically in the 
context of [5] the approximation is an NTI abstraction for refutation systems, 
i.e., it is an abstraction that preserves inconsistency of the original. 

In Plaisted [9] three classes of abstractions are defined. The first two are ordinary and weak abstractions, which share the condition that if $C$ subsumes $D$ then every abstraction of $D$ is subsumed by some abstraction of $C$. However, our approximation falls in neither class as it violates this condition via the Horn approximation. For example $Q$ subsumes $P, Q$, but the Horn approximation $P$ of $P, Q$ is not subsumed by any approximation of $Q$. The third class are generalization functions, which change not the problem but abstract the resolution rule of inference.

The theorem prover iProver uses the Inst-Gen [5] method, where a first-order problem is abstracted with a SAT problem by replacing every variable by the fresh constant T. The approximation is solved by a SAT solver and its answer is lifted to the original by equating abstracted terms with the set they represent, e.g., if $P(T)$ is true in a model returned by the SAT solver, then all instantiations of the original $P(x)$ are considered true as well. Inst-Gen abstracts using an under-approximation of the original clause set. In case the lifting of the satisfying model is inconsistent, the clash is resolved by appropriately instantiating the involved clauses, which mimics an inference step. This is the dual of our method with the roles of satisfiability and unsatisfiability switched. A further difference, however, is that Inst-Gen only finds finite models after approximation, while our approximation also discovers infinite models. For example the simple problem $\{P(a),\ \neg P(f(a)),\ P(x) \to P(f(f(x))),\ P(f(f(x))) \to P(x)\}$ has the satisfying model where $P$ is the set of even numbers. However, iProver's approximation can never return such a model as any $P(f^n(T))$ will necessarily abstract both true and false atoms and therefore instantiate new clauses infinitely. Our method on the other hand will produce the approximation $\{P(a),\ \neg P(f(a)),\ S(y) \to P(f(y)),\ P(x) \to S(f(x)),\ P(f(f(x))) \to P(x)\}$, which is saturated after inferring $P(x) \to P(f(f(x)))$ and $\neg S(f(a))$.

In summary, we have presented the first sound and complete calculus for first-order logic based on an over-approximation-refinement loop. There is no implementation so far, but the calculus will be practically useful if a problem is close to the mslH fragment in the sense that only a few refinement loops are needed for finding the model or a liftable refutation. The abstraction relation is already implemented and applying it to all satisfiable non-equality problems of TPTP version 6.1 results in a success rate of 34%, i.e., for all these problems the approximation is not too crude and directly delivers the result.

It might be possible to apply our idea to other decidable fragments of first-order logic. However, then they have to support via approximation the presented lifting and refinement principle.

Our result is also a first step towards a model-based guidance of first-order 
reasoning. We proved that a model of the approximated clause set is also a model 
for the original clause set. For model guidance, we need this property also for 
partial models. For example, in the sense that if a clause is false with respect to 
a partial model operator on the original clause set, it is also false with respect 
to a partial model operator on the approximated clause set. This property does 
not hold for the standard superposition partial model operator and the mslH 
approximation suggested in this paper. It is subject to future research. 
A Skeleton and Partial Minimal Model Construction 

As mentioned before, Lemma S] also holds if satisfiability of N' is dropped and 
I is replaced by the superposition partial minimal model operator Ha- 

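Definition 10 (Partial Minimal Model Construction) Given the set of ground clauses $N_g$ of $N$ and an ordering $\prec$ we construct an interpretation $I_N$ for $N$, called a partial model, inductively as follows:

$$I_C := \bigcup_{D \in N_g,\ D \prec C} \delta_D$$

$$\delta_D := \begin{cases} \{P\} & \text{if } D = D' \lor P,\ P \text{ strictly maximal and } I_D \not\models D \\ \emptyset & \text{otherwise} \end{cases}$$

$$I_N := \bigcup_{C \in N_g} \delta_C$$

Clauses $C$ with $\delta_C \neq \emptyset$ are called productive.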

Note that this construction doesn’t terminate since the ground clause set of 
N is generally infinite. 

Lemma 11 Let Nk be a monadic clause set and Nq be its approximation via 
^APR- If Pis) € Ino ond P is a predicate in Nk, then there exists a clause 
C = P -A A, P{t) S Nk and a substitution a such that s = skt{t)<7 and for each 
variable x and predicate S with C = S(x), P' ^ A, S{s") G Inqj where 

s — s[s ]p. 

Proof. By induction on k. 

The base Nk = Nq holds by definition of the model operator I. 

Let N = Nk ^APR Nk-i ^APR Hq, Pis) G Inq and P is a predicate in 
Nk and hence also in Nk-i. By the induction hypothesis, there exist a clause 
C = P ^ A, Pit) G Nk-i and a substitution a such that s = skt(t)cr and for 
each variable x and predicate S with C = Six),!' -A A,P{t[x]p), Sis ") e Pno, 
where s = s[s"]p. 

Let ^APR be a Horn transformation that replaces P" -A A', Qit') with 
P" -A Qit'). II C ^ P" -A Qit'), then C G Nk fulfills the claim. Otherwise, 

P" -A A' ,Q{t) G Nk fulfills the claim since P = Q and P' = P". 
Let ^APR be a linear transformation that replaces Ck = r" —>■ E[x\p^q 
with Ck-i = r",r"{x ^ x'} —>• E[x']q. If C 7 ^ Ck-i, then C € Nk fulfills 
the claim. Otherwise, Ck = E” —>■ P{t){x' x} € Nk fulfills the claim since 
s = skt(t)CT = skt(t{a;' x})a and E" C E",E"{x i-)- x'}. 

Let ^APR be a shallow transformation that replaces Ck = E" —>■ E\s']p with 
Ck-i = S{x),Ei —>■ E[x]p and C'^_i = /2 —>• S{s'). Since S is fresh, C ^ C'^_i- 
If C 7 ^ Cfe-i, then C G iVj, fulfills the claim. Otherwise, C = Ck-i = S{x),Ei 
P{t[x]p) and hence, s = skt(f[a;]p)cr and S{s ") e Eno for s = Then by the 

induction hypothesis, there exist a clause Cs = Es ^ ^S,S{ts) G Nk-i and a 
substitution as such that s" = skt(ts)cr 5 and for each variable x and predicate 
S' with Cs = S'{x),E^ As,Pits[x]q), S'{s'") G IjVo, where s" = s"[s'"]q. By 

construction, Cs = Thus, s" = skt(s')cr 5 and s = skt(t[a;]p)cr imply there 

exists a a" such that s = skt(t[s']p)cr”. Furthermore since A U /2 = T", if Ck = 

S'{x),E'" —!> P(t[s']p)[j:]q, then either S'{x) G Pi and thus S'{s"") G Enq, where 
s = s[s""]q, or S'{x) G P 2 and thus S'{s"") G Iato, where s[s"]p = (s[s'']p)[s""] 5 - 
Hence, Ck G Nk fulfills the claim. 

Lemma 12 Let N be a clause set and N' be its approximation via =^apr- If 
P{s) G En' {T{fp{si ,..., s„)) G Epf>) and P is a predicate in N, then there exist 
a clause E —>• A,P{t) € N (E ^ Z\, P(ti,..., t„) G N) and a substitution a 
such that s = skt{t)a (si = skt{ti)a for all i). 

Proof. Let Pi,..., P„ be the non-monadic predicates in N and Nmo = MPi (• • • (/^Pn (-^)))- 
Then, Nmo is monadic and also has N' as its approximation via =^apr- 

Let P(s) G Iat' and P is a predicate in N. Since P is monadic, P is a predicate 
in Nmo- Hence by Lemma [TTl there exists a clause E ^ A, P{t) G Nmo and a 
substitution a such that s = skt{t)a. Then, Pp^{. ■ ■ {p.p^{E —>■ A, P{t ))). ■.) = 

Hp^i- ■ ■ ih-pliE) ...)—!> Pp^i- ■ ■ {pp^{A )...), P{t) G N fulfills the claim. 

Let T{fp{si ,..., s„)) G E]kfi and P is a predicate in N. T is monadic and a 
predicate in Nmo- Hence by Lemma [TTl there exists a clause P —>■ A,T{t) G 
Nmo and a substitution a such that /p(si, ■. ■, s„) = skt(f)cr. Therefore, t = 
fpih, ...,tn) withs, = skt(t*)cr for alH. Then, pp^{... {ppl{E -P- A,T{fp{ti,.. - En)))) - - •) 
Pp^{- - ■ {pff{E )...) —5> . ■ (^p^(Zi).. .),P(ti ,... En) & N fulfills the claim. 




